CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Zero-Day Warning: Unpatched Twonky Server Flaws Expose Media to Total Takeover
A critical security warning has been issued for users of Twonky Server, the popular media server software found on countless NAS devices and routers. In a concerning development, researchers at Rapid7 ...
-
Daily CyberSecurity
Angular Alert: Protocol-Relative URLs Leak XSRF Tokens (CVE-2025-66035)
The Angular team has issued a high-severity security advisory regarding a logic flaw in the framework’s HTTP Client that could render applications vulnerable to Cross-Site Request Forgery (CSRF) attac ...
-
Daily CyberSecurity
GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks
GitLab has released an important security update today affecting both its Community Edition (CE) and Enterprise Edition (EE). The release addresses multiple high-severity vulnerabilities, ranging from ...
-
BleepingComputer
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. Fortinet’s FortiGuard Labs re ...
-
Kaspersky
Microsoft Exchange on-premises hardening recommendations
Few cybersecurity experts would dispute that attacks on Microsoft Exchange servers should be viewed as inevitable, and the risk of compromise remains consistently high. In October, Microsoft ended sup ...
-
BleepingComputer
Popular Forge library gets fix for signature verification bypass flaw
A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid. The flaw is tracked as ...
-
The Register
Botnet takes advantage of AWS outage to smack 28 countries
A Mirai-based botnet named ShadowV2 emerged during last October's widespread AWS outage, infecting IoT devices across industries and continents, likely serving as a "test run" for future attacks, acco ...
-
CybersecurityNews
Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code
Water Gamayun, a persistent threat group, has recently intensified its efforts by exploiting a newly identified MSC EvilTwin vulnerability (CVE-2025-26633) in Windows systems. This malware campaign is ...
-
security.nl
Asus waarschuwt voor kritieke AiCloud-kwetsbaarheid in routers
Asus waarschuwt voor een kritieke kwetsbaarheid in AiCloud, waardoor een ongeauthenticeerde aanvaller op afstand toegang tot routers kan krijgen. Er zijn firmware-updates uitgebracht om het probleem t ...
-
CybersecurityNews
Hackers Exploit NTLM Authentication Flaws to Target Windows Systems
More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started in 2001 as a theoretical vulnerability has evolved into ...